GDPR and Data Retention

Files.com is committed to GDPR compliance. Read below to find some guidance about GDPR, and how Files.com is meeting these privacy obligations.

On May 25, 2018, the General Data Protection Regulation (“GDPR”) went into effect, establishing a unified framework for the processing and handling of personal data of individuals residing within the European Union. “Personal data” can include names, IP addresses, images, email addresses, or any other data that can be used to identify a person. The GDPR’s reach is intended to apply to organizations located within the EU as well as organizations located outside of the EU if they offer goods or services to, or monitor the behaviour of, people within the EU.

The GDPR and Files.com

In addition to world class security, Files.com offers the ability to choose where your data is stored. Current locations include:

  • USA, Virginia
  • Australia,Sydney
  • Canada, Toronto
  • (EU) UK, London
  • (EU) Germany, Frankfurt
  • Japan, Tokyo
  • Singapore

Files.com also provides customers the flexibility to manage their data from around the world, allowing quick responses to Right to be Forgotten and other requests from data subjects.

Customers that determine that they are data controllers under the GDPR will need to sign our Data Processing Addendum. To obtain a copy of our Addendum, please contact our Support team by phone at (800) 286-8372 or email at support@files.com.

Sub-Processor

To enable the Files.com service, we engage Amazon Web Service (AWS) as a sub-processor. AWS meets our rigourous security and confidentiality standards, which we would require from any future subprocessors.

We will notify customers who have signed a Data Processing Addendum of any changes to our subprocessors.

Files.com Features Useful for GDPR Compliance

We’ve built tools into the platform that allow you to customize data retention on a per-folder basis, allowing you to automate the data retention timelines you’ve set in your privacy policy.

Our encryption in transit and encryption at rest serve as a technical safeguard when storing personal information.

The information contained herein is for informational purposes, and is not for the purposes of providing legal advice. You should consult with your attorney with respect to any specific issue or problem.